McAfee MIS80E001RAI User Guide - Page 64
Events from computers on your LAN, Events from private IP addresses
UPC - 731944547817
View all McAfee MIS80E001RAI manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 64 highlights
McAfee Personal Firewall Plus Personal Firewall allows traffic from these programs, so if you see events from 127.0.0.1, it is likely that the source IP address is spoofed, or faked. Spoofed packets are usually indicate that another computer is scanning yours for Trojans. Personal Firewall blocks such intrusion attempts, so your computer is safe. Some programs, notably Netscape 6.2 and higher, require you to add 127.0.0.1 to the Trusted IP Addresses list. These programs' components communicate between each other in such a manner that Personal Firewall cannot determine if the traffic is local or not. In the example of Netscape 6.2, if you do not trust 127.0.0.1, then you will not be able to use your buddy list. Therefore, if you see traffic from 127.0.0.1 and all of the applications on your computer work normally, then it is safe to block this traffic. However, if a program (like Netscape) experiences problems, add 127.0.0.1 to the Trusted IP Addresses list in Personal Firewall. If placing 127.0.0.1 in the trusted IP list fixes the problem, then you need to weigh your options: if you trust 127.0.0.1, your program will work, but you will be more open to spoofed attacks. If you do not trust the address, then your program will not work, but you will remain protected against certain malicious traffic. Events from computers on your LAN Events can be generated from computers on your local area network (LAN). To show that these events are generated by your network, Personal Firewall displays them in green. In most corporate LAN settings, you should select Make all computers on your LAN Trusted in the Trusted IP Addresses options. In some situations, your "local" network can be as dangerous than the Internet, especially if your computer runs on a high-bandwidth DSL or cable modem based network. In this case, do not to select Make all computers on your LAN Trusted. Instead, add the IP addresses of your local computers to the Trusted IP Addresses list. Events from private IP addresses IP addresses of the format 192.168.xxx.xxx, 10.xxx.xxx.xxx, and 172.16.0.0 172.31.255.255 are referred to as non-routable or private IP addresses. These IP addresses should never leave your network, and can be trusted most of the time. The 192.168.xxx.xxx block is used with Microsoft Internet Connection Sharing (ICS). If you are using ICS, and see events from this IP block, you might want to add the IP address 192.168.255.255 to your Trusted IP Addresses list. This will trust the entire 192.168.xxx.xxx block. If you are not on a private network, and see events from these IP ranges, the source IP address might be spoofed, or faked. Spoofed packets are usually signs that someone is scanning for Trojans. It's important to remember that Personal Firewall blocked this attempt, so your computer is safe. 64 McAfee® Internet Security Suite®software